<?php
	session_start();
	mysql_connect("localhost", "sapmenet_admin", "a1s2d3f4g5h6j7") or die ("Problem with datebase");
	mysql_select_db("sapmenet_users");
	echo("<link rel = 'stylesheet' type = 'text/css' href = 'stakoResultsStyle.css'>");
	$ageFrom=-2;
	$ageTo=200;
	if ($_POST['city']!="")
	{
		$city=$_POST['city'];
		$city=htmlspecialchars($city);
		$city=mysql_real_escape_string($city);
	}
	if ($_POST['from']!="")
	{
		$ageFrom=$_POST['from'];
		$ageFrom=htmlspecialchars($ageFrom);
		$ageFrom=mysql_real_escape_string($ageFrom);
	}
	if ($_POST['to']!="")
	{
		$ageTo=$_POST['to'];
		$ageTo=htmlspecialchars($ageTo);
		$ageTo=mysql_real_escape_string($ageTo);
	}
	$today=date("Y-m-d");  
	$from=$today-($ageTo);
	$to=$today-($ageFrom);
	if ($_POST['city']!="")
	{
		$name=mysql_query("SELECT concat(FirstName,' ',  LastName) AS fullName, mainPic, ID FROM users WHERE city LIKE '".$city."' AND birthdate>'".$from."' AND birthdate<'".$to."'");
	
	}
	else
	{
		$name=mysql_query("SELECT concat(FirstName,' ',  LastName) AS fullName, mainPic, ID FROM users WHERE birthdate>'".$from."' AND birthdate<'".$to."'");
	}
	echo("<h3>Results:</h3>");
	echo("<div id = 'allStakoResults'>");
	while($theResult = mysql_fetch_array($name, MYSQL_NUM))
	{
		echo ("<br>");
		$pic=$theResult[1]."mini.jpg";
		echo ("<a href=http://sapme.net/Framework/profilePage.php?id=".$theResult[2].">");
		echo("<div class = 'stakoSearchResult'>");
		echo ("<img src=".$pic.">");
		echo ($theResult[0]."</div>");
		echo "</a>";
	}
	echo("</div>");
?>